[
[email protected] exim]# cat mainlog-20140706 | grep impersonating | wc -l
2533
Were all send to the same domain, but all from different IP addresses (i have replaced the actual domain by domain.nl):
2014-07-05 16:59:20 H=(domain.nl) [117.220.241.121] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:01:42 H=(domain.nl) [81.16.15.106] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:03:03 H=130-204-45-114.2073762043.ddns.cablebg.net (domain.nl) [130.204.45.114] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:05:07 H=(domain.nl) [213.111.146.216] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:05:53 H=(domain.nl) [91.200.138.241] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:07:10 H=(domain.nl) [31.170.150.67] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:09:25 H=(domain.nl) [95.67.189.182] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]